Data Security Is A Federal Issue Now

Just when you think you have dodged the data security bullet, here come the Feds. My view on data security of late has been that those who thought they needed to secure information have done it, and those who didn't were not in a big hurry to do it. Times are changing. The Federal Data Breach Notification Law that recently passed through the house is now on its way to the Senate and then on its way to you.

George Crump

January 27, 2010

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Just when you think you have dodged the data security bullet, here come the Feds. My view on data security of late has been that those who thought they needed to secure information have done it, and those who didn't were not in a big hurry to do it. Times are changing. The Federal Data Breach Notification Law that recently passed through the house is now on its way to the Senate and then on its way to you.

Basically this law will model much of the California law that started the whole mess, sending an initial round of companies scrambling to encrypt their data. Encryption is the best way to avoid going through the public disclosures that have made headlines over the past few years. The net of the state and federal laws is to make sure that sensitive customer information is protected when it leaves your data center.

So what do you do? Either make sure nothing leaves your extended firewall, or if it does, encrypt it. Options are available for both strategies. In the data deduplication tech center, I have been listing the replication capabilities for the various dedupe vendors. Deduplication makes electronic vaulting viable for many organizations. It may be enough to keep you inline with these new mandates. For many larger organizations, dedupe alone is not going to be enough. There is simply too much data that has to be kept too long. As we discuss in our article Archiving Basics, disk-based archives are a viable augmentation to your backup strategy, and most can encrypt data either prior to being replicated to a remote site or as it lands at a remote site. Even if the archive is stolen, you are protected.

If you are going to move data to tape, you are going to need some sort of encryption capabilities. Some of the tape manufacturers have encryption built into the drives, and some of the tape library manufacturers have the capability built into the library, though some sort of add-on appliance or blade for your SAN backbone will be required. These appliances or blades also have the advantage of encrypting primary disk storage as well as tape. Encryption of primary storage, as I have written about in the past, becomes important when you look to dispose of old storage systems.

Read more about:

2010
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights